In this Tutorial we are going to check if an Exchange Server is vulnerable to the Drown attack, the same procedure can be used on any server that runs IIS, which means SharePoint, Lync/Skype for Business and etc.

Solution

The best way to identify if your servers have the vulnerability is using the following site: https://test.drownattack.com (Thanks Damian!) and type in your exchange server that is published to the outside world and you will receive information if that address is vulnerable or not.

If you have to disable SSL v2, the process is extremely simple on Exchange Server however it requires a restart of the server. Here are the required steps:

Open regedit

Expand HKEY_LOCAL_MACHINE

Expand System

Expand CurrentControlSet

Expand Control

Expand SecurityProviders

Expand SCHANNEL

Expand Protocols

Expand SSL 2.0

Expand Server (if there is no such entry, please one)

Create a DWORD (32 bits) called Enabled and enter 0

Restart the computer

After that we can use the initial page and check the vulnerability, and the results at this time should be appearsfixed.

Anderson Patricio is a Canadian MVP in Cloud and Datacenter Management, and Office Server and Services, besides the Microsoft Award he also holds a Solutions Master (MCSM) in Exchange and several other certifications. Anderson has been contributing to the Microsoft Community with articles, tutorials, blog posts, twitter, forums and book reviews. He is a regular contributor here at ITPROCentral.com, MSExchange.org, Techgenix.com and Anderson Patricio.org (Portuguese).

Related Post

Categories

Follow us on Twitter

Welcome to the ITPROCentral.com!

We are an IT Pro resource site, here you'll find FREE tutorials, hints, downloads, scripts, reviews and IT news in general.

Here are some of the technologies that we covered on a regular basis: Microsoft Azure, Exchange Server, Active Directory, Hyper-V, Skype for Business, Virtual Machine Manager, System Center family and more..

If you want to contribute to the IT Pro Community, please drop us a line and start publishing your articles with us.